Norman Pendegraft

Gaming techniques to improve the team‐formation process

The use of team‐based activities is popular in education and training settings, but such exercises are not without their problems. Examines the group‐formation process and specifically explores the use of games as a means for potential team members to share background information before the groups are chosen. Describes the process used to develop the “circle‐and‐sniff” game and its administration, and presents the results of the study.

The optimality of tit‐for‐tat

The paper examines the performance of tit‐for‐tat in iterated plays of prisoners’ dilemma and chicken. In particular, the paper examines, via computer simulations, a space of surrogate Axelrod‐type tournaments over these games. The surrogate tournaments are specified in terms of characteristics of strategies similar to those Axelrod identifies as fundamental. The paper shows that the zones of optimality for tit‐for‐tat in tournament play of both prisoners’ dilemma and chicken remarkably constrained, but that tit‐for‐tat generally does well relative to other strategies. Furthermore, our results show that the success of tit‐for‐tat is sensitive to the number of players and the assignment of payoff values.

A Simulation Model of Information Systems Security

The value of IS security is evaluated by simulating interactions between an information system, its users, and a population of attackers. Results suggest that the marginal value of additional security may be positive or negative as can the time rate of change of system value. This implies that IT security policy makers should be aware of where they are in the state space before setting IT security policy.

A simulation model of IS security

Determination of the actual value of security measures is an area currently undergoing scrutiny by many researchers. One method to determine this is to devise a simulation model that incorporates interactions between an information system, its users and a population of attackers. Initial simulation results suggest that the marginal value of additional security may be positive or negative as can the time rate of change of system value. Policy implications include the realization that IT security policy makers should be aware of their location in the state space before setting IT security policy.

Analyzing Information System Investments: A Game-Theoretic Approach

Abstract Businesses invest billions of dollars in information technology every year. Sometimes the incentive for a given investment may not be apparent when considered using traditional financial analysis methods. in this article, Game Theory and an extension, the Theory of Moves, are presented as alternative methods of modeling IT investment decisions. This technique specifically considers investments motivated by operating or competitive necessity. the modeling process is discussed and several examples from the current trade press are examined.

The impact of election frequency and crises upon the arms race

This paper examines the impact of election frequency and crises upon the arms race via the computer simulation introduced in Dacey and Pendegraft (1988). We answer two basic questions. First, in an arms race are there advantages to holding elections frequently (i.e., on a short interval) as opposed to infrequently (i.e., on a long interval)? Second, do crises have an influence on the outcome of arms races, and if so, how? The answers to these questions are straightforward. For the first question, we find that in round‐robin tournament play (i.e., traditional Axelrod‐type play) the advantage rests with the short election interval players, and in inter‐group play it rests with the long election interval players. For the second question we find that crises have a pronounced effect, and the size of the effect depends on the relationship between election frequency and the frequency with which losing players are removed from the tournament. [Key Words: Election frequency, Crises, Arms Race]

An Experimental Study to Explore Attacker Response to Changes in Security and Reward

In previous simulation studies, attackers were assumed to respond to changes in reward with an S shaped curve and to changes in security with a declining S shaped curve. This paper reports experimental work that investigates the validity of those assumptions. In general, the results suggest that the assumptions are reasonable.

Systems Analysis, Interviewing, and the Improv

Interviewing is a critical skill for systems analysts. This article describes an experiment using student actors as interviewees for in‐class exercises to teach interviewing in the junior‐level systems analysis course. The experiment proved beneficial to the class, to the actors, and to the senior IS majors who helped the actors prepare.

Conceptually modelling the trade-offs between continuous and traditional auditing

Continuous auditing (CA) has been of significant interest in recent years. The focus of CA in this research is in its use in the internal audit function. Specifically, the research examines the factors influencing an organisation’s mix of CA and traditional audit techniques in the internal audit function. A theoretical model is proposed based on a Cobb-Douglas production function using the capital variable to represent continuous internal audit techniques and labour the use of traditional techniques. A series of simulations are performed providing evidence that the conceptual model of CA adoption has face value validity. The optimal mix of capital (CA) and labour (traditional) for the organisation, given a budget restraint is generally not an all or nothing proposition. Mathematically, the percentage of the budget spent on these two forms of auditing techniques depends on the elasticity of substitution between labour (traditional auditing) and capital (continuous auditing).

A Spreadsheet Exercise for Teaching Data Volume and Usage Analysis in the Introductory Database Course

It is argued that volume and usage analysis are useful topics in the introductory database course. Since time is limited and many students struggle with the issues, a simple spread sheet model is presented for helping students learn data volume and usage analysis. A simple example is presented, and student response to a related exercise is reported.